From: Sasha Levin Date: Sun, 4 Dec 2022 02:26:50 +0000 (-0500) Subject: Fixes for 5.10 X-Git-Tag: v4.9.335~56 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c5ec6c2bc94c760798bc4223dd2d2f300e3c3ac5;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 5.10 Signed-off-by: Sasha Levin --- diff --git a/queue-5.10/asoc-ops-fix-bounds-check-for-_sx-controls.patch b/queue-5.10/asoc-ops-fix-bounds-check-for-_sx-controls.patch new file mode 100644 index 00000000000..554aff93113 --- /dev/null +++ b/queue-5.10/asoc-ops-fix-bounds-check-for-_sx-controls.patch @@ -0,0 +1,39 @@ +From 0a025003b64a0b7baa6aacd3f9b667cf3c2f7e1f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 11 May 2022 14:41:36 +0100 +Subject: ASoC: ops: Fix bounds check for _sx controls + +From: Mark Brown + +[ Upstream commit 698813ba8c580efb356ace8dbf55f61dac6063a8 ] + +For _sx controls the semantics of the max field is not the usual one, max +is the number of steps rather than the maximum value. This means that our +check in snd_soc_put_volsw_sx() needs to just check against the maximum +value. + +Fixes: 4f1e50d6a9cf9c1b ("ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()") +Signed-off-by: Mark Brown +Link: https://lore.kernel.org/r/20220511134137.169575-1-broonie@kernel.org +Signed-off-by: Mark Brown +Signed-off-by: Sasha Levin +--- + sound/soc/soc-ops.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sound/soc/soc-ops.c b/sound/soc/soc-ops.c +index 0f26d6c31ce5..5fdd96e77ef3 100644 +--- a/sound/soc/soc-ops.c ++++ b/sound/soc/soc-ops.c +@@ -432,7 +432,7 @@ int snd_soc_put_volsw_sx(struct snd_kcontrol *kcontrol, + val = ucontrol->value.integer.value[0]; + if (mc->platform_max && val > mc->platform_max) + return -EINVAL; +- if (val > max - min) ++ if (val > max) + return -EINVAL; + if (val < 0) + return -EINVAL; +-- +2.35.1 + diff --git a/queue-5.10/iommu-vt-d-fix-pci-device-refcount-leak-in-dmar_dev_.patch b/queue-5.10/iommu-vt-d-fix-pci-device-refcount-leak-in-dmar_dev_.patch new file mode 100644 index 00000000000..429119f00a3 --- /dev/null +++ b/queue-5.10/iommu-vt-d-fix-pci-device-refcount-leak-in-dmar_dev_.patch @@ -0,0 +1,43 @@ +From ab880711a1eb1552524aec484e33a48f898fb328 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 1 Dec 2022 12:01:27 +0800 +Subject: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() + +From: Xiongfeng Wang + +[ Upstream commit 4bedbbd782ebbe7287231fea862c158d4f08a9e3 ] + +for_each_pci_dev() is implemented by pci_get_device(). The comment of +pci_get_device() says that it will increase the reference count for the +returned pci_dev and also decrease the reference count for the input +pci_dev @from if it is not NULL. + +If we break for_each_pci_dev() loop with pdev not NULL, we need to call +pci_dev_put() to decrease the reference count. Add the missing +pci_dev_put() for the error path to avoid reference count leak. + +Fixes: 2e4552893038 ("iommu/vt-d: Unify the way to process DMAR device scope array") +Signed-off-by: Xiongfeng Wang +Link: https://lore.kernel.org/r/20221121113649.190393-3-wangxiongfeng2@huawei.com +Signed-off-by: Lu Baolu +Signed-off-by: Joerg Roedel +Signed-off-by: Sasha Levin +--- + drivers/iommu/intel/dmar.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/iommu/intel/dmar.c b/drivers/iommu/intel/dmar.c +index 0bc497f4cb9f..a27765a7f6b7 100644 +--- a/drivers/iommu/intel/dmar.c ++++ b/drivers/iommu/intel/dmar.c +@@ -816,6 +816,7 @@ int __init dmar_dev_scope_init(void) + info = dmar_alloc_pci_notify_info(dev, + BUS_NOTIFY_ADD_DEVICE); + if (!info) { ++ pci_dev_put(dev); + return dmar_dev_scope_status; + } else { + dmar_pci_bus_add_dev(info); +-- +2.35.1 + diff --git a/queue-5.10/iommu-vt-d-fix-pci-device-refcount-leak-in-has_exter.patch b/queue-5.10/iommu-vt-d-fix-pci-device-refcount-leak-in-has_exter.patch new file mode 100644 index 00000000000..dea99264551 --- /dev/null +++ b/queue-5.10/iommu-vt-d-fix-pci-device-refcount-leak-in-has_exter.patch @@ -0,0 +1,47 @@ +From 015babbd3003a399a9721b61c40c9baef368192a Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 1 Dec 2022 12:01:26 +0800 +Subject: iommu/vt-d: Fix PCI device refcount leak in has_external_pci() + +From: Xiongfeng Wang + +[ Upstream commit afca9e19cc720bfafc75dc5ce429c185ca93f31d ] + +for_each_pci_dev() is implemented by pci_get_device(). The comment of +pci_get_device() says that it will increase the reference count for the +returned pci_dev and also decrease the reference count for the input +pci_dev @from if it is not NULL. + +If we break for_each_pci_dev() loop with pdev not NULL, we need to call +pci_dev_put() to decrease the reference count. Add the missing +pci_dev_put() before 'return true' to avoid reference count leak. + +Fixes: 89a6079df791 ("iommu/vt-d: Force IOMMU on for platform opt in hint") +Signed-off-by: Xiongfeng Wang +Link: https://lore.kernel.org/r/20221121113649.190393-2-wangxiongfeng2@huawei.com +Signed-off-by: Lu Baolu +Signed-off-by: Joerg Roedel +Signed-off-by: Sasha Levin +--- + drivers/iommu/intel/iommu.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c +index f23329b7f97c..47666c9b4ba1 100644 +--- a/drivers/iommu/intel/iommu.c ++++ b/drivers/iommu/intel/iommu.c +@@ -4893,8 +4893,10 @@ static inline bool has_external_pci(void) + struct pci_dev *pdev = NULL; + + for_each_pci_dev(pdev) +- if (pdev->external_facing) ++ if (pdev->external_facing) { ++ pci_dev_put(pdev); + return true; ++ } + + return false; + } +-- +2.35.1 + diff --git a/queue-5.10/ipv4-fix-route-deletion-when-nexthop-info-is-not-spe.patch b/queue-5.10/ipv4-fix-route-deletion-when-nexthop-info-is-not-spe.patch new file mode 100644 index 00000000000..bcad9d589a9 --- /dev/null +++ b/queue-5.10/ipv4-fix-route-deletion-when-nexthop-info-is-not-spe.patch @@ -0,0 +1,118 @@ +From fbb8b10896dd2ddfcafbdc4c48e8bc180f46066a Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 24 Nov 2022 23:09:32 +0200 +Subject: ipv4: Fix route deletion when nexthop info is not specified + +From: Ido Schimmel + +[ Upstream commit d5082d386eee7e8ec46fa8581932c81a4961dcef ] + +When the kernel receives a route deletion request from user space it +tries to delete a route that matches the route attributes specified in +the request. + +If only prefix information is specified in the request, the kernel +should delete the first matching FIB alias regardless of its associated +FIB info. However, an error is currently returned when the FIB info is +backed by a nexthop object: + + # ip nexthop add id 1 via 192.0.2.2 dev dummy10 + # ip route add 198.51.100.0/24 nhid 1 + # ip route del 198.51.100.0/24 + RTNETLINK answers: No such process + +Fix by matching on such a FIB info when legacy nexthop attributes are +not specified in the request. An earlier check already covers the case +where a nexthop ID is specified in the request. + +Add tests that cover these flows. Before the fix: + + # ./fib_nexthops.sh -t ipv4_fcnal + ... + TEST: Delete route when not specifying nexthop attributes [FAIL] + + Tests passed: 11 + Tests failed: 1 + +After the fix: + + # ./fib_nexthops.sh -t ipv4_fcnal + ... + TEST: Delete route when not specifying nexthop attributes [ OK ] + + Tests passed: 12 + Tests failed: 0 + +No regressions in other tests: + + # ./fib_nexthops.sh + ... + Tests passed: 228 + Tests failed: 0 + + # ./fib_tests.sh + ... + Tests passed: 186 + Tests failed: 0 + +Cc: stable@vger.kernel.org +Reported-by: Jonas Gorski +Tested-by: Jonas Gorski +Fixes: 493ced1ac47c ("ipv4: Allow routes to use nexthop objects") +Fixes: 6bf92d70e690 ("net: ipv4: fix route with nexthop object delete warning") +Fixes: 61b91eb33a69 ("ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference") +Signed-off-by: Ido Schimmel +Reviewed-by: Nikolay Aleksandrov +Reviewed-by: David Ahern +Link: https://lore.kernel.org/r/20221124210932.2470010-1-idosch@nvidia.com +Signed-off-by: Jakub Kicinski +Signed-off-by: Sasha Levin +--- + net/ipv4/fib_semantics.c | 8 +++++--- + tools/testing/selftests/net/fib_nexthops.sh | 11 +++++++++++ + 2 files changed, 16 insertions(+), 3 deletions(-) + +diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c +index f62b1739f63b..52ec0c43e6b8 100644 +--- a/net/ipv4/fib_semantics.c ++++ b/net/ipv4/fib_semantics.c +@@ -887,9 +887,11 @@ int fib_nh_match(struct net *net, struct fib_config *cfg, struct fib_info *fi, + return 1; + } + +- /* cannot match on nexthop object attributes */ +- if (fi->nh) +- return 1; ++ if (fi->nh) { ++ if (cfg->fc_oif || cfg->fc_gw_family || cfg->fc_mp) ++ return 1; ++ return 0; ++ } + + if (cfg->fc_oif || cfg->fc_gw_family) { + struct fib_nh *nh; +diff --git a/tools/testing/selftests/net/fib_nexthops.sh b/tools/testing/selftests/net/fib_nexthops.sh +index 050c1e0f1b0f..7ece4131dc6f 100755 +--- a/tools/testing/selftests/net/fib_nexthops.sh ++++ b/tools/testing/selftests/net/fib_nexthops.sh +@@ -950,6 +950,17 @@ ipv4_fcnal() + run_cmd "$IP ro add 172.16.101.0/24 nhid 21" + run_cmd "$IP ro del 172.16.101.0/24 nexthop via 172.16.1.7 dev veth1 nexthop via 172.16.1.8 dev veth1" + log_test $? 2 "Delete multipath route with only nh id based entry" ++ ++ run_cmd "$IP nexthop add id 22 via 172.16.1.6 dev veth1" ++ run_cmd "$IP ro add 172.16.102.0/24 nhid 22" ++ run_cmd "$IP ro del 172.16.102.0/24 dev veth1" ++ log_test $? 2 "Delete route when specifying only nexthop device" ++ ++ run_cmd "$IP ro del 172.16.102.0/24 via 172.16.1.6" ++ log_test $? 2 "Delete route when specifying only gateway" ++ ++ run_cmd "$IP ro del 172.16.102.0/24" ++ log_test $? 0 "Delete route when not specifying nexthop attributes" + } + + ipv4_grp_fcnal() +-- +2.35.1 + diff --git a/queue-5.10/ipv4-handle-attempt-to-delete-multipath-route-when-f.patch b/queue-5.10/ipv4-handle-attempt-to-delete-multipath-route-when-f.patch new file mode 100644 index 00000000000..4f570e60116 --- /dev/null +++ b/queue-5.10/ipv4-handle-attempt-to-delete-multipath-route-when-f.patch @@ -0,0 +1,75 @@ +From 54fe3e335b3e93b9a619ec22d80e635844d00789 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 6 Oct 2022 10:48:49 -0600 +Subject: ipv4: Handle attempt to delete multipath route when fib_info contains + an nh reference + +From: David Ahern + +[ Upstream commit 61b91eb33a69c3be11b259c5ea484505cd79f883 ] + +Gwangun Jung reported a slab-out-of-bounds access in fib_nh_match: + fib_nh_match+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fib_semantics.c:961 + fib_table_delete+0x5f3/0xa40 linux-6.0-rc7/net/ipv4/fib_trie.c:1753 + inet_rtm_delroute+0x2b3/0x380 linux-6.0-rc7/net/ipv4/fib_frontend.c:874 + +Separate nexthop objects are mutually exclusive with the legacy +multipath spec. Fix fib_nh_match to return if the config for the +to be deleted route contains a multipath spec while the fib_info +is using a nexthop object. + +Fixes: 493ced1ac47c ("ipv4: Allow routes to use nexthop objects") +Fixes: 6bf92d70e690 ("net: ipv4: fix route with nexthop object delete warning") +Reported-by: Gwangun Jung +Signed-off-by: David Ahern +Reviewed-by: Ido Schimmel +Tested-by: Ido Schimmel +Signed-off-by: David S. Miller +Stable-dep-of: d5082d386eee ("ipv4: Fix route deletion when nexthop info is not specified") +Signed-off-by: Sasha Levin +--- + net/ipv4/fib_semantics.c | 8 ++++---- + tools/testing/selftests/net/fib_nexthops.sh | 5 +++++ + 2 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c +index 3824b7abecf7..f62b1739f63b 100644 +--- a/net/ipv4/fib_semantics.c ++++ b/net/ipv4/fib_semantics.c +@@ -887,13 +887,13 @@ int fib_nh_match(struct net *net, struct fib_config *cfg, struct fib_info *fi, + return 1; + } + ++ /* cannot match on nexthop object attributes */ ++ if (fi->nh) ++ return 1; ++ + if (cfg->fc_oif || cfg->fc_gw_family) { + struct fib_nh *nh; + +- /* cannot match on nexthop object attributes */ +- if (fi->nh) +- return 1; +- + nh = fib_info_nh(fi, 0); + if (cfg->fc_encap) { + if (fib_encap_match(net, cfg->fc_encap_type, +diff --git a/tools/testing/selftests/net/fib_nexthops.sh b/tools/testing/selftests/net/fib_nexthops.sh +index 56d90335605d..050c1e0f1b0f 100755 +--- a/tools/testing/selftests/net/fib_nexthops.sh ++++ b/tools/testing/selftests/net/fib_nexthops.sh +@@ -945,6 +945,11 @@ ipv4_fcnal() + log_test $rc 0 "Delete nexthop route warning" + run_cmd "$IP route delete 172.16.101.1/32 nhid 12" + run_cmd "$IP nexthop del id 12" ++ ++ run_cmd "$IP nexthop add id 21 via 172.16.1.6 dev veth1" ++ run_cmd "$IP ro add 172.16.101.0/24 nhid 21" ++ run_cmd "$IP ro del 172.16.101.0/24 nexthop via 172.16.1.7 dev veth1 nexthop via 172.16.1.8 dev veth1" ++ log_test $? 2 "Delete multipath route with only nh id based entry" + } + + ipv4_grp_fcnal() +-- +2.35.1 + diff --git a/queue-5.10/kconfig.debug-provide-a-little-extra-frame_warn-leew.patch b/queue-5.10/kconfig.debug-provide-a-little-extra-frame_warn-leew.patch new file mode 100644 index 00000000000..b0c9e32ceb1 --- /dev/null +++ b/queue-5.10/kconfig.debug-provide-a-little-extra-frame_warn-leew.patch @@ -0,0 +1,56 @@ +From 82691a38cee22f5bdaf2bcddcaf752bcc330f5bf Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 25 Nov 2022 12:07:50 +0000 +Subject: Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is + enabled +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Lee Jones + +[ Upstream commit 152fe65f300e1819d59b80477d3e0999b4d5d7d2 ] + +When enabled, KASAN enlarges function's stack-frames. Pushing quite a few +over the current threshold. This can mainly be seen on 32-bit +architectures where the present limit (when !GCC) is a lowly 1024-Bytes. + +Link: https://lkml.kernel.org/r/20221125120750.3537134-3-lee@kernel.org +Signed-off-by: Lee Jones +Acked-by: Arnd Bergmann +Cc: Alex Deucher +Cc: "Christian König" +Cc: Daniel Vetter +Cc: David Airlie +Cc: Harry Wentland +Cc: Leo Li +Cc: Maarten Lankhorst +Cc: Maxime Ripard +Cc: Nathan Chancellor +Cc: Nick Desaulniers +Cc: "Pan, Xinhui" +Cc: Rodrigo Siqueira +Cc: Thomas Zimmermann +Cc: Tom Rix +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Sasha Levin +--- + lib/Kconfig.debug | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug +index 54502848e9dc..4aed8abb2022 100644 +--- a/lib/Kconfig.debug ++++ b/lib/Kconfig.debug +@@ -300,6 +300,7 @@ config FRAME_WARN + default 2048 if GCC_PLUGIN_LATENT_ENTROPY + default 2048 if PARISC + default 1536 if (!64BIT && XTENSA) ++ default 1280 if KASAN && !64BIT + default 1024 if !64BIT + default 2048 if 64BIT + help +-- +2.35.1 + diff --git a/queue-5.10/parisc-increase-frame_warn-to-2048-bytes-on-parisc.patch b/queue-5.10/parisc-increase-frame_warn-to-2048-bytes-on-parisc.patch new file mode 100644 index 00000000000..112b31f05ba --- /dev/null +++ b/queue-5.10/parisc-increase-frame_warn-to-2048-bytes-on-parisc.patch @@ -0,0 +1,40 @@ +From 7aa5613f431a22b0d407ddcd034c2933783baae2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 19 Nov 2021 22:31:03 +0100 +Subject: parisc: Increase FRAME_WARN to 2048 bytes on parisc + +From: Helge Deller + +[ Upstream commit 8d192bec534bd5b778135769a12e5f04580771f7 ] + +PA-RISC uses a much bigger frame size for functions than other +architectures. So increase it to 2048 for 32- and 64-bit kernels. +This fixes e.g. a warning in lib/xxhash.c. + +Reported-by: kernel test robot +Signed-off-by: Helge Deller +Stable-dep-of: 152fe65f300e ("Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled") +Signed-off-by: Sasha Levin +--- + lib/Kconfig.debug | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug +index f6c50f8ee9a1..54502848e9dc 100644 +--- a/lib/Kconfig.debug ++++ b/lib/Kconfig.debug +@@ -298,8 +298,9 @@ config FRAME_WARN + int "Warn for stack frames larger than" + range 0 8192 + default 2048 if GCC_PLUGIN_LATENT_ENTROPY +- default 1536 if (!64BIT && (PARISC || XTENSA)) +- default 1024 if (!64BIT && !PARISC) ++ default 2048 if PARISC ++ default 1536 if (!64BIT && XTENSA) ++ default 1024 if !64BIT + default 2048 if 64BIT + help + Tell gcc to warn at build time for stack frames larger than this. +-- +2.35.1 + diff --git a/queue-5.10/parisc-increase-size-of-gcc-stack-frame-check.patch b/queue-5.10/parisc-increase-size-of-gcc-stack-frame-check.patch new file mode 100644 index 00000000000..da61b3e242d --- /dev/null +++ b/queue-5.10/parisc-increase-size-of-gcc-stack-frame-check.patch @@ -0,0 +1,38 @@ +From 9679629b1d8ea6a958353ce88fbcdeb6318442d7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 7 Jul 2021 15:38:08 +0200 +Subject: parisc: Increase size of gcc stack frame check + +From: Helge Deller + +[ Upstream commit 55b70eed81cba1331773d4aaf5cba2bb07475cd8 ] + +parisc uses much bigger frames than other architectures, so increase the +stack frame check value to avoid compiler warnings. + +Cc: Arnd Bergmann +Cc: Abd-Alrhman Masalkhi +Cc: Christoph Hellwig +Signed-off-by: Helge Deller +Stable-dep-of: 152fe65f300e ("Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled") +Signed-off-by: Sasha Levin +--- + lib/Kconfig.debug | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug +index 6b0649d8bca7..8cf3b87edd63 100644 +--- a/lib/Kconfig.debug ++++ b/lib/Kconfig.debug +@@ -298,7 +298,7 @@ config FRAME_WARN + int "Warn for stack frames larger than" + range 0 8192 + default 2048 if GCC_PLUGIN_LATENT_ENTROPY +- default 1280 if (!64BIT && PARISC) ++ default 1536 if (!64BIT && PARISC) + default 1024 if (!64BIT && !PARISC) + default 2048 if 64BIT + help +-- +2.35.1 + diff --git a/queue-5.10/pinctrl-single-fix-potential-division-by-zero.patch b/queue-5.10/pinctrl-single-fix-potential-division-by-zero.patch new file mode 100644 index 00000000000..80a6c956851 --- /dev/null +++ b/queue-5.10/pinctrl-single-fix-potential-division-by-zero.patch @@ -0,0 +1,43 @@ +From d351a4cb44ca18f80181628abce30b2cd977df36 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 17 Nov 2022 15:30:34 +0300 +Subject: pinctrl: single: Fix potential division by zero + +From: Maxim Korotkov + +[ Upstream commit 64c150339e7f6c5cbbe8c17a56ef2b3902612798 ] + +There is a possibility of dividing by zero due to the pcs->bits_per_pin +if pcs->fmask() also has a value of zero and called fls +from asm-generic/bitops/builtin-fls.h or arch/x86/include/asm/bitops.h. +The function pcs_probe() has the branch that assigned to fmask 0 before +pcs_allocate_pin_table() was called + +Found by Linux Verification Center (linuxtesting.org) with SVACE. + +Fixes: 4e7e8017a80e ("pinctrl: pinctrl-single: enhance to configure multiple pins of different modules") +Signed-off-by: Maxim Korotkov +Reviewed-by: Tony Lindgren +Link: https://lore.kernel.org/r/20221117123034.27383-1-korotkov.maxim.s@gmail.com +Signed-off-by: Linus Walleij +Signed-off-by: Sasha Levin +--- + drivers/pinctrl/pinctrl-single.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/pinctrl/pinctrl-single.c b/drivers/pinctrl/pinctrl-single.c +index 17aa0d542d92..d139cd9e6d13 100644 +--- a/drivers/pinctrl/pinctrl-single.c ++++ b/drivers/pinctrl/pinctrl-single.c +@@ -726,7 +726,7 @@ static int pcs_allocate_pin_table(struct pcs_device *pcs) + + mux_bytes = pcs->width / BITS_PER_BYTE; + +- if (pcs->bits_per_mux) { ++ if (pcs->bits_per_mux && pcs->fmask) { + pcs->bits_per_pin = fls(pcs->fmask); + nr_pins = (pcs->size * BITS_PER_BYTE) / pcs->bits_per_pin; + num_pins_in_register = pcs->width / pcs->bits_per_pin; +-- +2.35.1 + diff --git a/queue-5.10/selftests-net-add-delete-nexthop-route-warning-test.patch b/queue-5.10/selftests-net-add-delete-nexthop-route-warning-test.patch new file mode 100644 index 00000000000..86d2083e3f5 --- /dev/null +++ b/queue-5.10/selftests-net-add-delete-nexthop-route-warning-test.patch @@ -0,0 +1,60 @@ +From f4c752323229c90864d6c97c29df7c048aa5b457 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 1 Apr 2022 10:33:43 +0300 +Subject: selftests: net: add delete nexthop route warning test + +From: Nikolay Aleksandrov + +[ Upstream commit 392baa339c6a42a2cb088e5e5df2b59b8f89be24 ] + +Add a test which causes a WARNING on kernels which treat a +nexthop route like a normal route when comparing for deletion and a +device is specified. That is, a route is found but we hit a warning while +matching it. The warning is from fib_info_nh() in include/net/nexthop.h +because we run it on a fib_info with nexthop object. The call chain is: + inet_rtm_delroute -> fib_table_delete -> fib_nh_match (called with a +nexthop fib_info and also with fc_oif set thus calling fib_info_nh on +the fib_info and triggering the warning). + +Repro steps: + $ ip nexthop add id 12 via 172.16.1.3 dev veth1 + $ ip route add 172.16.101.1/32 nhid 12 + $ ip route delete 172.16.101.1/32 dev veth1 + +Signed-off-by: Nikolay Aleksandrov +Reviewed-by: David Ahern +Signed-off-by: David S. Miller +Stable-dep-of: d5082d386eee ("ipv4: Fix route deletion when nexthop info is not specified") +Signed-off-by: Sasha Levin +--- + tools/testing/selftests/net/fib_nexthops.sh | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/tools/testing/selftests/net/fib_nexthops.sh b/tools/testing/selftests/net/fib_nexthops.sh +index 4c7d33618437..8cca92c969b6 100755 +--- a/tools/testing/selftests/net/fib_nexthops.sh ++++ b/tools/testing/selftests/net/fib_nexthops.sh +@@ -931,6 +931,20 @@ ipv4_fcnal() + set +e + check_nexthop "dev veth1" "" + log_test $? 0 "Nexthops removed on admin down" ++ ++ # nexthop route delete warning: route add with nhid and delete ++ # using device ++ run_cmd "$IP li set dev veth1 up" ++ run_cmd "$IP nexthop add id 12 via 172.16.1.3 dev veth1" ++ out1=`dmesg | grep "WARNING:.*fib_nh_match.*" | wc -l` ++ run_cmd "$IP route add 172.16.101.1/32 nhid 12" ++ run_cmd "$IP route delete 172.16.101.1/32 dev veth1" ++ out2=`dmesg | grep "WARNING:.*fib_nh_match.*" | wc -l` ++ [ $out1 -eq $out2 ] ++ rc=$? ++ log_test $rc 0 "Delete nexthop route warning" ++ run_cmd "$IP ip route delete 172.16.101.1/32 nhid 12" ++ run_cmd "$IP ip nexthop del id 12" + } + + ipv4_grp_fcnal() +-- +2.35.1 + diff --git a/queue-5.10/selftests-net-fix-nexthop-warning-cleanup-double-ip-.patch b/queue-5.10/selftests-net-fix-nexthop-warning-cleanup-double-ip-.patch new file mode 100644 index 00000000000..c2b0d05e933 --- /dev/null +++ b/queue-5.10/selftests-net-fix-nexthop-warning-cleanup-double-ip-.patch @@ -0,0 +1,41 @@ +From f6ae4fb86435500419c566c6b1e8d4534de30bd7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 1 Apr 2022 18:54:27 +0300 +Subject: selftests: net: fix nexthop warning cleanup double ip typo + +From: Nikolay Aleksandrov + +[ Upstream commit 692930cc435099580a4b9e32fa781b0688c18439 ] + +I made a stupid typo when adding the nexthop route warning selftest and +added both $IP and ip after it (double ip) on the cleanup path. The +error doesn't show up when running the test, but obviously it doesn't +cleanup properly after it. + +Fixes: 392baa339c6a ("selftests: net: add delete nexthop route warning test") +Signed-off-by: Nikolay Aleksandrov +Signed-off-by: David S. Miller +Stable-dep-of: d5082d386eee ("ipv4: Fix route deletion when nexthop info is not specified") +Signed-off-by: Sasha Levin +--- + tools/testing/selftests/net/fib_nexthops.sh | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tools/testing/selftests/net/fib_nexthops.sh b/tools/testing/selftests/net/fib_nexthops.sh +index 8cca92c969b6..56d90335605d 100755 +--- a/tools/testing/selftests/net/fib_nexthops.sh ++++ b/tools/testing/selftests/net/fib_nexthops.sh +@@ -943,8 +943,8 @@ ipv4_fcnal() + [ $out1 -eq $out2 ] + rc=$? + log_test $rc 0 "Delete nexthop route warning" +- run_cmd "$IP ip route delete 172.16.101.1/32 nhid 12" +- run_cmd "$IP ip nexthop del id 12" ++ run_cmd "$IP route delete 172.16.101.1/32 nhid 12" ++ run_cmd "$IP nexthop del id 12" + } + + ipv4_grp_fcnal() +-- +2.35.1 + diff --git a/queue-5.10/series b/queue-5.10/series index e69e1f52c99..2b1e68214e6 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -67,3 +67,15 @@ drm-amdgpu-temporarily-disable-broken-clang-builds-due-to-blown-stack-frame.patc drm-i915-never-return-0-if-not-all-requests-retired.patch tracing-free-buffers-when-a-used-dynamic-event-is-removed.patch io_uring-don-t-hold-uring_lock-when-calling-io_run_task_work.patch +asoc-ops-fix-bounds-check-for-_sx-controls.patch +pinctrl-single-fix-potential-division-by-zero.patch +iommu-vt-d-fix-pci-device-refcount-leak-in-has_exter.patch +iommu-vt-d-fix-pci-device-refcount-leak-in-dmar_dev_.patch +parisc-increase-size-of-gcc-stack-frame-check.patch +xtensa-increase-size-of-gcc-stack-frame-check.patch +parisc-increase-frame_warn-to-2048-bytes-on-parisc.patch +kconfig.debug-provide-a-little-extra-frame_warn-leew.patch +selftests-net-add-delete-nexthop-route-warning-test.patch +selftests-net-fix-nexthop-warning-cleanup-double-ip-.patch +ipv4-handle-attempt-to-delete-multipath-route-when-f.patch +ipv4-fix-route-deletion-when-nexthop-info-is-not-spe.patch diff --git a/queue-5.10/xtensa-increase-size-of-gcc-stack-frame-check.patch b/queue-5.10/xtensa-increase-size-of-gcc-stack-frame-check.patch new file mode 100644 index 00000000000..35b2bcd17a0 --- /dev/null +++ b/queue-5.10/xtensa-increase-size-of-gcc-stack-frame-check.patch @@ -0,0 +1,46 @@ +From 699bd93aaa9e6803c01622fb18bb84d06e037050 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 24 Sep 2021 15:43:29 -0700 +Subject: xtensa: increase size of gcc stack frame check + +From: Guenter Roeck + +[ Upstream commit 867050247e295cf20fce046a92a7e6491fcfe066 ] + +xtensa frame size is larger than the frame size for almost all other +architectures. This results in more than 50 "the frame size of is +larger than 1024 bytes" errors when trying to build xtensa:allmodconfig. + +Increase frame size for xtensa to 1536 bytes to avoid compile errors due +to frame size limits. + +Link: https://lkml.kernel.org/r/20210912025235.3514761-1-linux@roeck-us.net +Signed-off-by: Guenter Roeck +Reviewed-by: Max Filippov +Cc: Chris Zankel +Cc: David Laight +Cc: Masahiro Yamada +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Stable-dep-of: 152fe65f300e ("Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled") +Signed-off-by: Sasha Levin +--- + lib/Kconfig.debug | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug +index 8cf3b87edd63..f6c50f8ee9a1 100644 +--- a/lib/Kconfig.debug ++++ b/lib/Kconfig.debug +@@ -298,7 +298,7 @@ config FRAME_WARN + int "Warn for stack frames larger than" + range 0 8192 + default 2048 if GCC_PLUGIN_LATENT_ENTROPY +- default 1536 if (!64BIT && PARISC) ++ default 1536 if (!64BIT && (PARISC || XTENSA)) + default 1024 if (!64BIT && !PARISC) + default 2048 if 64BIT + help +-- +2.35.1 +